From 0f7af71452b7676d46aa51c8d7bb281a7fb05c11090f0b9298a2e2581289eead Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Mon, 2 Jun 2008 23:08:56 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/openSUSE:Factory/qemu?expand=0&rev=25

---
 bug-380828_qemu-block-format-arg.diff | 68 +++++++++++++++++++++++++++
 qemu-img-vmdk-scsi.patch              |  2 +-
 qemu.changes                          | 11 +++++
 qemu.spec                             |  9 +++-
 4 files changed, 88 insertions(+), 2 deletions(-)
 create mode 100644 bug-380828_qemu-block-format-arg.diff

diff --git a/bug-380828_qemu-block-format-arg.diff b/bug-380828_qemu-block-format-arg.diff
new file mode 100644
index 00000000..4ea08dd4
--- /dev/null
+++ b/bug-380828_qemu-block-format-arg.diff
@@ -0,0 +1,68 @@
+From: Chris Wright <chrisw@redhat.com>
+Subject: [PATCH] add format= to drive options
+
+A guest with a raw format disk can write any format header to that device.
+A subsequent restart of the guest will cause qemu to interpret the format
+header and could allow the guest read access to any host file.  Add a
+format= drive option to allow host to specify, e.g. format=raw, to give
+qemu a hint to choose a specific block format driver.  Originially noted
+by Avi Kivity <avi@qumranet.com>.
+
+Signed-off-by: Chris Wright <chrisw@redhat.com>
+[Aurelien Jarno: port to SVN tip for QEMU)
+================================================================================
+--- qemu-0.9.1/qemu-doc.texi
++++ qemu-0.9.1/qemu-doc.texi
+@@ -252,6 +252,10 @@
+ @var{snapshot} is "on" or "off" and allows to enable snapshot for given drive (see @option{-snapshot}).
+ @item cache=@var{cache}
+ @var{cache} is "on" or "off" and allows to disable host cache to access data.
++@item format=@var{format}
++Specify which disk @var{format} will be used rather than detecting
++the format.  Can be used to specifiy format=raw to avoid interpreting
++an untrusted format header.
+ @end table
+ 
+ Instead of @option{-cdrom} you can use:
+--- qemu-0.9.1/vl.c
++++ qemu-0.9.1/vl.c
+@@ -4877,13 +4877,14 @@
+     int bus_id, unit_id;
+     int cyls, heads, secs, translation;
+     BlockDriverState *bdrv;
++    BlockDriver *drv = NULL;
+     int max_devs;
+     int index;
+     int cache;
+     int bdrv_flags;
+     char *params[] = { "bus", "unit", "if", "index", "cyls", "heads",
+                        "secs", "trans", "media", "snapshot", "file",
+-                       "cache", NULL };
++                       "cache", "format", NULL };
+ 
+     if (check_params(buf, sizeof(buf), params, str) < 0) {
+          fprintf(stderr, "qemu: unknowm parameter '%s' in '%s'\n",
+@@ -5051,6 +5052,14 @@
+         }
+     }
+ 
++    if (get_param_value(buf, sizeof(buf), "format", str)) {
++	drv = bdrv_find_format(buf);
++	if (!drv) {
++	    fprintf(stderr, "qemu: '%s' invalid format\n", buf);
++	    return -1;
++	}
++    }
++
+     get_param_value(file, sizeof(file), "file", str);
+ 
+     /* compute bus and unit according index */
+@@ -5150,7 +5159,7 @@
+         bdrv_flags |= BDRV_O_SNAPSHOT;
+     if (!cache)
+         bdrv_flags |= BDRV_O_DIRECT;
+-    if (bdrv_open(bdrv, file, bdrv_flags) < 0 || qemu_key_check(bdrv, file)) {
++    if (bdrv_open2(bdrv, file, bdrv_flags, drv) < 0 || qemu_key_check(bdrv, file)) {
+         fprintf(stderr, "qemu: could not open disk image %s\n",
+                         file);
+         return -1;
diff --git a/qemu-img-vmdk-scsi.patch b/qemu-img-vmdk-scsi.patch
index b3a19ed3..10e27227 100644
--- a/qemu-img-vmdk-scsi.patch
+++ b/qemu-img-vmdk-scsi.patch
@@ -18,7 +18,7 @@ Index: qemu-0.9.1/block-vmdk.c
 -            real_filename, (flags & BLOCK_FLAG_COMPAT6 ? 6 : 4), total_size / (63 * 16));
 +            real_filename, (flags & BLOCK_FLAG_COMPAT6 ? 6 : 4),
 +            total_size / (63 * 16),
-+            flags & BLOCK_FLAG_SCSI ? "buslogic" : "ide");
++            flags & BLOCK_FLAG_SCSI ? "lsilogic" : "ide");
  
      /* write the descriptor */
      lseek(fd, le64_to_cpu(header.desc_offset) << 9, SEEK_SET);
diff --git a/qemu.changes b/qemu.changes
index 1bbd1228..4c59e64b 100644
--- a/qemu.changes
+++ b/qemu.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Thu May 15 17:33:53 CEST 2008 - cthiel@suse.de
+
+- use lsilogic instead of buslogic for SCSI VMDK images
+
+-------------------------------------------------------------------
+Thu May  8 13:56:20 CEST 2008 - uli@suse.de
+
+- add format option to disable autodetection of disk image format
+  (bnc#380828)
+
 -------------------------------------------------------------------
 Fri Apr 25 13:33:40 CEST 2008 - uli@suse.de
 
diff --git a/qemu.spec b/qemu.spec
index 82f8f747..988296aa 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -18,7 +18,7 @@ License:        BSD 3-Clause; GPL v2 or later; LGPL v2.1 or later; X11/MIT
 Group:          System/Emulators/PC
 Summary:        Universal CPU emulator
 Version:        0.9.1
-Release:        35
+Release:        46
 Source:         %name-%version.tar.bz2
 #Patch400: qemu-0.7.0-gcc4-dot-syms.patch
 #Patch401: qemu-0.8.0-gcc4-hacks.patch
@@ -60,6 +60,7 @@ Patch82:        qemu-cvs-svm2.patch
 Patch83:        qemu-cvs-ppcspe.patch
 Patch84:        qemu-s390dis-license.patch
 Patch85:        qemu-img-vmdk-scsi.patch
+Patch86:        bug-380828_qemu-block-format-arg.diff
 Source200:      kvm_bios.bin
 Source201:      zx-rom.bin
 Source202:      COPYING.zx-rom
@@ -164,6 +165,7 @@ Authors:
 %patch83
 %patch84
 %patch85 -p1
+%patch86 -p1
 %if 1
 cd gcc-3.3.5
 %patch600
@@ -316,6 +318,11 @@ rm -rf %{gcc33tmp}
 %endif
 
 %changelog
+* Thu May 15 2008 cthiel@suse.de
+- use lsilogic instead of buslogic for SCSI VMDK images
+* Thu May 08 2008 uli@suse.de
+- add format option to disable autodetection of disk image format
+  (bnc#380828)
 * Fri Apr 25 2008 uli@suse.de
 - revert secfix (causes data corruption, no known good patch
   available yet)